author Philip P. Moltmann <moltmann@google.com> 2019-05-30 08:27:19 -0700
committer Philip P. Moltmann <moltmann@google.com> 2019-06-03 08:36:58 -0700
commit8625cdd03bfa6d88adeb2772adf3efeafa79e3da (patch)
treef7299818a3115d2ed73f0dfdcdea4a0142082bae
parentfaa788aff087f0a51426b2f2cd39c7353b812553 (diff)
Pre-Q storage perm should behave hard restricted
Test: atest --test-mapping frameworks/base/services/core/java/com/android/server/policy:presubmit Fixes: 131188778 Change-Id: If99dc99e8164156ae15f6617d0383513d505e15e
-rw-r--r--services/core/java/com/android/server/pm/permission/PermissionManagerService.java10
-rw-r--r--services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java43
-rw-r--r--services/core/java/com/android/server/policy/TEST_MAPPING8
3 files changed, 57 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index beb72686d6ce..4edd9eff7397 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -97,6 +97,7 @@ import com.android.server.pm.SharedUserSetting;
import com.android.server.pm.UserManagerService;
import com.android.server.pm.permission.PermissionManagerServiceInternal.PermissionCallback;
import com.android.server.pm.permission.PermissionsState.PermissionState;
+import com.android.server.policy.SoftRestrictedPermissionPolicy;
import libcore.util.EmptyArray;
@@ -2121,11 +2122,18 @@ public class PermissionManagerService {
if (bp.isHardRestricted()
&& (flags & PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) == 0) {
- Log.e(TAG, "Cannot grant restricted non-exempt permission "
+ Log.e(TAG, "Cannot grant hard restricted non-exempt permission "
+ permName + " for package " + packageName);
return;
}
+ if (bp.isSoftRestricted() && !SoftRestrictedPermissionPolicy.forPermission(mContext,
+ pkg.applicationInfo, permName).canBeGranted()) {
+ Log.e(TAG, "Cannot grant soft restricted permission " + permName + " for package "
+ + packageName);
+ return;
+ }
+
if (bp.isDevelopment()) {
// Development permissions must be handled specially, since they are not
// normal runtime permissions. For now they apply to all users.
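Review bot: The new soft-restriction gate may read the exemption flags for a different user than the one being granted. `SoftRestrictedPermissionPolicy.forPermission(mContext, ...)` fetches the flags itself with `context.getUser()` (the `getPermissionFlags` call in the second file). The result therefore follows the service context's user, while the hard-restricted check just above tests the `flags` local. If `flags` already holds this permission's flags for the target user, which the hunk does not show, pass it or the target `UserHandle` into `forPermission`, so both checks decide on the same data and the second lookup goes away. The enclosing method starts and ends outside the hunk.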
diff --git a/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java b/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java
index 87dfe3e2d3a2..127bf3c7d033 100644
--- a/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java
+++ b/services/core/java/com/android/server/policy/SoftRestrictedPermissionPolicy.java
@@ -24,17 +24,29 @@ import static android.app.AppOpsManager.MODE_IGNORED;
import static android.app.AppOpsManager.OP_LEGACY_STORAGE;
import static android.app.AppOpsManager.OP_NONE;
import static android.content.pm.PackageManager.FLAG_PERMISSION_APPLY_RESTRICTION;
+import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT;
+import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT;
+import static android.content.pm.PackageManager.FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT;
import android.annotation.NonNull;
import android.app.AppOpsManager;
import android.content.Context;
import android.content.pm.ApplicationInfo;
+import android.os.Build;
+import android.util.Log;
/**
* The behavior of soft restricted permissions is different for each permission. This class collects
* the policies in one place.
*/
public abstract class SoftRestrictedPermissionPolicy {
+ private static final String LOG_TAG = SoftRestrictedPermissionPolicy.class.getSimpleName();
+
+ private static final int FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT =
+ FLAG_PERMISSION_RESTRICTION_SYSTEM_EXEMPT
+ | FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT
+ | FLAG_PERMISSION_RESTRICTION_INSTALLER_EXEMPT;
+
private static final SoftRestrictedPermissionPolicy DUMMY_POLICY =
new SoftRestrictedPermissionPolicy() {
@Override
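Review bot: `FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT` is redefined here as a private copy, although the call site in PermissionManagerService already uses `PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT`. Two definitions of an exemption mask can drift apart when another exempt flag is added, and the hard and soft checks would then disagree about which packages are whitelisted. Prefer `import static android.content.pm.PackageManager.FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT;` and drop the local constant together with the three single-flag imports. The DUMMY_POLICY declaration at the end of the hunk continues outside it.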
@@ -51,6 +63,11 @@ public abstract class SoftRestrictedPermissionPolicy {
public boolean shouldSetAppOpIfNotDefault() {
return false;
}
+
+ @Override
+ public boolean canBeGranted() {
+ return true;
+ }
};
/**
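Review bot: `canBeGranted()` on DUMMY_POLICY returns `true` with no comment, so the new gate in PermissionManagerService fails open for every soft-restricted permission that has no case of its own in `forPermission`. This assumes the `default:` branch returns DUMMY_POLICY, which is outside this hunk. The default should be stated where it is decided, for example `// No policy registered: grantable by default. A new soft-restricted permission must add its own case to be gated.` The anonymous class starts outside the hunk.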
@@ -70,11 +87,13 @@ public abstract class SoftRestrictedPermissionPolicy {
// collections.
case READ_EXTERNAL_STORAGE:
case WRITE_EXTERNAL_STORAGE: {
- boolean applyRestriction = (context.getPackageManager().getPermissionFlags(
- permission, appInfo.packageName, context.getUser())
- & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
+ int flags = context.getPackageManager().getPermissionFlags(
+ permission, appInfo.packageName, context.getUser());
+ boolean applyRestriction = (flags & FLAG_PERMISSION_APPLY_RESTRICTION) != 0;
+ boolean isWhiteListed = (flags & FLAGS_PERMISSION_RESTRICTION_ANY_EXEMPT) != 0;
boolean hasRequestedLegacyExternalStorage =
appInfo.hasRequestedLegacyExternalStorage();
+ int targetSDK = appInfo.targetSdkVersion;
return new SoftRestrictedPermissionPolicy() {
@Override
@@ -99,6 +118,19 @@ public abstract class SoftRestrictedPermissionPolicy {
// turn on isolated storage. This will make the app loose all its files.
return getAppOpMode() != MODE_IGNORED;
}
+
+ @Override
+ public boolean canBeGranted() {
+ if (isWhiteListed || targetSDK >= Build.VERSION_CODES.Q) {
+ return true;
+ } else {
+ Log.w(LOG_TAG, permission + " for " + appInfo.packageName
+ + " is not whitelisted and targetSDK " + targetSDK + "<"
+ + Build.VERSION_CODES.Q);
+
+ return false;
+ }
+ }
};
}
default:
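Review bot: The storage `canBeGranted()` does not say why a non-whitelisted app targeting below Q is refused. A short comment such as `// Pre-Q apps may hold storage only when whitelisted, i.e. the permission behaves as hard restricted for them.` would record the rule from the commit title next to the code. The `Log.w` in the else branch also fires on every evaluation and is followed by the caller's own `Log.e` for the same refusal, so one denial produces two log lines. If the reason text is worth keeping, consider returning it to the caller rather than logging inside the predicate. The enclosing switch case starts outside the hunk.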
@@ -122,4 +154,9 @@ public abstract class SoftRestrictedPermissionPolicy {
* {@link AppOpsManager#MODE_DEFAULT}.
*/
public abstract boolean shouldSetAppOpIfNotDefault();
+
+ /**
+ * @return If the permission can be granted
+ */
+ public abstract boolean canBeGranted();
}
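Review bot: The Javadoc on the abstract `canBeGranted()` has only an `@return` tag and no summary sentence. It also does not say that the storage implementation answers from the flags and target SDK captured when `forPermission` built the policy, so a retained policy object could give a stale answer. Suggested text: a summary line `Whether the permission may be granted to the app this policy was created for, based on the state read when the policy was built.` followed by `@return {@code true} if a grant is allowed; callers must refuse the grant on {@code false}`. The class body starts outside the hunk.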
diff --git a/services/core/java/com/android/server/policy/TEST_MAPPING b/services/core/java/com/android/server/policy/TEST_MAPPING
index 437ef7392a3a..02b0e21a33c0 100644
--- a/services/core/java/com/android/server/policy/TEST_MAPPING
+++ b/services/core/java/com/android/server/policy/TEST_MAPPING
@@ -27,6 +27,14 @@
"exclude-annotation": "androidx.test.filters.FlakyTest"
}
]
+ },
+ {
+ "name": "CtsPermission2TestCases",
+ "options": [
+ {
+ "include-filter": "android.permission2.cts.RestrictedPermissionsTest"
+ }
+ ]
}
],
"postsubmit": [